In 1999, the Philippines Y2K Law was the first law crafted and deliberated online by the private sector.
Republic Act 8792, was signed into law last June 14, 2000. It is a landmark legislation in the history of the Philippines. Not only has this bill made the country a legitimate player in the global marketplace. The Philippine Internet community has played a major role in pushing for its passage. The law took effect last June 19, 2000.
With the Philippines relaxed stock market listing rules plus a proposed vibrant investment priorities program in place, Filipinos here and abroad, and its foreign partners, have something to look forward for.
Here are the salient features of Republic Act 8792:
1. It gives legal recognition of electronic data messages, electronic documents, and electronic signatures. (section 6 to 13)
2. Allows the formation of contracts in electronic form. (section 16)
3. Makes banking transactions done through ATM switching networks absolute once consummated. (section 16)
4. Parties are given the right to choose the type and level of security methods that suit their needs. (section 24)
5. Provides the mandate for the electronic implementation of transport documents to facilitate carriage of goods. This includes documents such as, but not limited to, multi-modal, airport, road, rail, inland waterway, courier, post receipts, transport documents issued by freight forwarders, marine/ocean bill of lading, non-negotiable seaway bill, charter party bill of lading. (section 25 and 26)
6. Mandates the government to have the capability to do e-commerce within 2 years or before June 19, 2002. (section 27)
7. Mandates RPWeb to be implemented. RPWeb is a strategy that intends to connect all government offices to the Internet and provide universal access to the general public. The Department of Transportation and Communications, National Telecommunications Commission, and National Computer Center will come up with policies and rules that shall lead to substantial reduction of costs of telecommunication and Internet facilities to ensure the implementation of RPWeb. (section 28)
8. Made cable, broadcast, and wireless physical infrastructure within the activity of telecommunications. (section 28)
9. Empowers the Department of Trade and Industry to supervise the development of e-commerce in the country. It can also come up with policies and regulations, when needed, to facilitate the growth of e-commerce. (section 29)
10. Provided guidelines as to when a service provider can be liable. (section 30)
11. Authorities and parties with the legal right can only gain access to electronic documents, electronic data messages, and electronic signatures. For confidentiality purposes, it shall not share or convey to any other person. (section 31 and 32)
12. Hacking or cracking, refers to unauthorized access including the introduction of computer viruses, is punishable by a fine from 100 thousand to maximum commensurating to the damage. With imprisonment from 6 months to 3 years. (section 33)
13. Piracy through the use of telecommunication networks, such as the Internet, that infringes intellectual property rights is punishable. The penalties are the same as hacking. (section 33)
14. All existing laws such as the Consumer Act of the Philippines also applies to e-commerce transactions. (section 33)
Anyone who uses the Internet, computer, cellular phone, and other IT-enabled devices has the duty to know RA8792. As the old saying goes, “Ignorance of the law doesn”t excuse anyone.”
There were several hacking/cracking incidents that took place in the past years. I am worried that these people behind the hacking attempts are completely ignoring RA8792 or The E-Commerce Law. In one of my public speaking engagements, I was asked how come there are still so many hacking attempts even now that we have a law. Is it unenforceable?
I fear that as e-commerce takes off in the government and private sector, the moment we run to law enforcers in times of trouble, they will not be able to help us as fast and efficient as we want them to be.
The law enforcement agencies such as the National Bureau of Investigation and Philippine National Police are continuously beefing up their skills. It is sad to note however that they have not received any form of funding for their training and cybercrime equipment. Whatever they have right now are donated by foreign governments in the form of training and equipment. Despite limited resources, the conviction of the first Filipino hacker under Republic Act 8792 puts high marks on our enforcement of the E-Commerce Law.
The business community and Internet users must contribute and work with government to take action on this. Whether or not we have a Cybercrime Law, giving appropriate funding for cybercrime enforcement is important. It will allow the creation of cybercrime helpdesks all over the country. We also need special courts to process cybercrime cases that can issue court orders as necessary to help in the investigation.
In addition, it requires vigilance from the Internet community as well. If you know of someone that has made these hacking actions, report them through PNP-CIDG or NBI. It is the duty of every Filipino to report these crimes. Those who became victims as well should report it and not just ignore it, change the site, and move on. If this is the attitude site owners will show, unlawful actions such as this, regardless of best or worst intention, will never cease. The web hosting, Internet Service Provider, phone companies should extend their best cooperation as well to facilitate efficient investigation in this regard.
More importantly, what the hackers should realize that just because they were not caught now, does not mean they are already off the hook. What they are only doing is accumulate offenses. One day, the hand of the law will reach them. Once that happens, all of these offenses can be combined into a one big case that can put them to jail longer than they think. Even if the owners of the sites that they were able to hack decide not to pursue a case against them, it does not mean they no longer have a liability. The hacking/cracking/piracy provision of the E-Commerce Law makes such acts as criminal offenses in nature, therefore what can only be waived, should the companies decide not to sue them, is the civil liability (monetary damages) and the criminal liability will still be pursued by the state.
I hope that publications can play a role in sparking vigilance among Internet users of this country and the world against acts of hacking/cracking/piracy. The act of hacking should never be glamorized and even make these people who commits these acts as heroes. It may send a wrong signal that our younger Internet generation might misunderstood.
These people are seeing that they”re getting the media mileage and attention that they long for and see it like a merit/badge of their hacking accomplishment. Being published, talked about, is I”m very sure, a big deal for some of these guys.
I hope to see the computer publications as a medium in making the Internet users vigilant and not scared/wary of these hackers. Perhaps feature articles on how the NBI, PNP, DOJ, ISPs, phone companies, National Security Council, handle these incidents.
Hacking, cracking, piracy is a crime under RA8792. The iron hand of the law must be fully enforced or else this can propagate further and cause irreparable damage to the Philippine Internet industry as a whole. The increase number of hacking incidents these past few weeks is already alarming. Worst, these people seems to be enjoying it and not even bothered with the consequences.
To understand the E-Commerce Law further, you can also read the following:
1.) Republic Act 8792 The E-Commerce Law
Contains full text of the Philippine E-Commerce Law
This is a pdf file. A guide made by Atty. JJ Disini where I”ve provided its legislative history.
3.) The E-Commerce Law Policy Advocacy Process (pages 106-116 of the Philippine Internet Review)
Petite Nuñez contributed a paper in the publication sharing how the law became possible. This can also serve as reference for anyone wanting to lobby information technology-related legislations in the future
4.) Additional regulations that were released after the passage of the legislation.
There are several department administrative orders and memorandum circular to support the implementation of the law.
5.) Lessons Learned in Cyber Legislation
As one of the lobbyist and got involved in monitoring its implementation, there are a lot of lessons learned especially in the implementation of the law that I shared here.